Implement user-specific OAuth client instances #85

Closed
wants to merge 5 commits into from

@ojmarte ojmarte commented Dec 28, 2023

Problem

In our current implementation, the OAuth client is globally instantiated, leading to a limitation where it cannot handle multiple users concurrently in a secure and isolated manner. This setup restricts the application's ability to provide personalized experiences and poses a security risk, as the authentication state is not user-specific.

Solution

To address this, we have implemented a system where each user in our application gets a unique instance of the OAuth client. This change involves:

  1. User-Specific Credential Storage: Securely storing client_id and client_secret in our database, linked to individual user accounts.
  2. Dynamic OAuth Client Creation: Modifying the API routes to dynamically create an OAuth client instance using the stored credentials for each user request. This ensures that each authentication flow is unique and isolated to the user.
  3. Session Management Enhancements: Improving session management to maintain user identity across the OAuth flow, enabling a secure and seamless authentication process.

Result

With these changes, our application now supports a multi-user environment with enhanced security and personalization. Each user's authentication process is independently managed, allowing for a scalable and user-focused experience. This update lays the groundwork for future features that require user-specific settings and permissions, further advancing our application's capabilities.
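
An added sketch of the isolation problem this description raises (not code from this pull request or the project): a shared client holds a single pending `state`, so concurrent logins overwrite each other, while one client per user keeps each flow separate. `OAuthClient`, `CREDENTIALS` and both flow functions are hypothetical names, and the credentials are constructed sample values.

```python
import hmac
import secrets


class OAuthClient:
    """Hypothetical minimal client: credentials plus the pending `state`."""

    def __init__(self, client_id, client_secret):
        self.client_id, self.client_secret = client_id, client_secret
        self.pending_state = None

    def begin(self):
        # Fresh anti-CSRF state for this authorization request.
        self.pending_state = secrets.token_urlsafe(16)
        return self.pending_state

    def finish(self, returned_state):
        expected, self.pending_state = self.pending_state, None  # single use
        return expected is not None and hmac.compare_digest(expected, returned_state)


# Constructed sample rows standing in for the per-user credential table.
CREDENTIALS = {
    "alice": ("alice-client-id", "alice-secret"),
    "bob": ("bob-client-id", "bob-secret"),
}


def global_client_flow():
    """Before: one shared instance serves every user."""
    shared = OAuthClient("app-client-id", "app-secret")
    alice_state = shared.begin()
    bob_state = shared.begin()  # second user overwrites the first user's state
    return shared.finish(alice_state), shared.finish(bob_state)


def per_user_flow():
    """After: one client per user, built from stored credentials, held per session."""
    sessions = {user: OAuthClient(*creds) for user, creds in CREDENTIALS.items()}
    alice_state = sessions["alice"].begin()
    bob_state = sessions["bob"].begin()
    own = (sessions["alice"].finish(alice_state), sessions["bob"].finish(bob_state))
    sessions["alice"].begin()
    crossed = sessions["alice"].finish(bob_state)  # Bob's state on Alice's client
    return own, crossed


if __name__ == "__main__":
    print(global_client_flow(), per_user_flow())
```

With the shared instance neither callback validates; with per-user instances each user's own callback validates and a state issued to one user is rejected on another user's client.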

@CLAassistant

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@ojmarte ojmarte closed this Jan 1, 2024